-
Committer:
Bazaar Package Importer
-
Author(s):
Jonathan Riddell
-
Date:
2006-01-06 21:04:22 UTC
-
Revision ID:
james.westby@ubuntu.com-20060106210422-5hfp90m9jjqmv03s
Tags: 1:1.4.1-0ubuntu7.2
* SECURITY UPDATE: Multiple integer/buffer overflows.
* Update kubuntu_02_xpdf_vulnerability.diff
* xpdf/Stream.cc, CCITTFaxStream::CCITTFaxStream():
- Check columns for negative or large values.
- CVE-2005-3624
* xpdf/Stream.cc, numComps checks introduced in CVE-2005-3191 patch:
- Reset numComps to 0 since it's a global variable that is used later.
- CVE-2005-3627
* xpdf/Stream.cc, DCTStream::readHuffmanTables():
- Fix out of bounds array access in Huffman tables.
- CVE-2005-3627
* xpdf/Stream.cc, DCTStream::readMarker():
- Check for EOF in while loop to prevent endless loops.
- CVE-2005-3625
* xpdf/JBIG2Stream.cc, JBIG2Bitmap::JBIG2Bitmap(), JBIG2Bitmap::expand(),
JBIG2Stream::readHalftoneRegionSeg():
- Check user supplied width and height against invalid values.
- Allocate one extra byte to prevent out of bounds access in combine().
- CVE-2005-3628
* References:
CVE-2005-3626
CESA-2005-003
http://www.kde.org/info/security/advisory-20051207-2.txt